CVE-2014-2414 - Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows rem

CVE-2014-2414

Summary

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXB.

References

Vulnerable Configurations

cpe:2.3:a:ibm:infosphere_streams:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_streams:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_streams:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_streams:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_streams:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_streams:3.2.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update_71:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update_71:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update_71:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update_71:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update_51:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update_51:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 08-09-2020 - 13:00)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

redhat via4

advisories

rhsa
id RHSA-2014:0413
rhsa
id RHSA-2014:0414
rhsa
id RHSA-2014:0675
rhsa
id RHSA-2014:0685

rpms

java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5
java-1.7.0-openjdk-debuginfo-1:1.7.0.55-2.4.7.1.el6_5
java-1.7.0-openjdk-demo-1:1.7.0.55-2.4.7.1.el6_5
java-1.7.0-openjdk-devel-1:1.7.0.55-2.4.7.1.el6_5
java-1.7.0-openjdk-javadoc-1:1.7.0.55-2.4.7.1.el6_5
java-1.7.0-openjdk-src-1:1.7.0.55-2.4.7.1.el6_5
java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10
java-1.7.0-openjdk-debuginfo-1:1.7.0.55-2.4.7.1.el5_10
java-1.7.0-openjdk-demo-1:1.7.0.55-2.4.7.1.el5_10
java-1.7.0-openjdk-devel-1:1.7.0.55-2.4.7.1.el5_10
java-1.7.0-openjdk-javadoc-1:1.7.0.55-2.4.7.1.el5_10
java-1.7.0-openjdk-src-1:1.7.0.55-2.4.7.1.el5_10
java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el5_10
java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el6_5
java-1.6.0-openjdk-debuginfo-1:1.6.0.0-5.1.13.3.el5_10
java-1.6.0-openjdk-debuginfo-1:1.6.0.0-5.1.13.3.el6_5
java-1.6.0-openjdk-demo-1:1.6.0.0-5.1.13.3.el5_10
java-1.6.0-openjdk-demo-1:1.6.0.0-5.1.13.3.el6_5
java-1.6.0-openjdk-devel-1:1.6.0.0-5.1.13.3.el5_10
java-1.6.0-openjdk-devel-1:1.6.0.0-5.1.13.3.el6_5
java-1.6.0-openjdk-javadoc-1:1.6.0.0-5.1.13.3.el5_10
java-1.6.0-openjdk-javadoc-1:1.6.0.0-5.1.13.3.el6_5
java-1.6.0-openjdk-src-1:1.6.0.0-5.1.13.3.el5_10
java-1.6.0-openjdk-src-1:1.6.0.0-5.1.13.3.el6_5
java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-devel-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-devel-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-javafx-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-javafx-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-jdbc-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-jdbc-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-plugin-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-plugin-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-src-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-src-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-devel-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-devel-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-javafx-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-javafx-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-jdbc-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-jdbc-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-plugin-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-plugin-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-src-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-src-1:1.7.0.55-1jpp.2.el5_10
java-1.6.0-sun-1:1.6.0.75-1jpp.1.el6_5
java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10
java-1.6.0-sun-demo-1:1.6.0.75-1jpp.1.el6_5
java-1.6.0-sun-demo-1:1.6.0.75-1jpp.3.el5_10
java-1.6.0-sun-devel-1:1.6.0.75-1jpp.1.el6_5
java-1.6.0-sun-devel-1:1.6.0.75-1jpp.3.el5_10
java-1.6.0-sun-jdbc-1:1.6.0.75-1jpp.1.el6_5
java-1.6.0-sun-jdbc-1:1.6.0.75-1jpp.3.el5_10
java-1.6.0-sun-plugin-1:1.6.0.75-1jpp.1.el6_5
java-1.6.0-sun-plugin-1:1.6.0.75-1jpp.3.el5_10
java-1.6.0-sun-src-1:1.6.0.75-1jpp.1.el6_5
java-1.6.0-sun-src-1:1.6.0.75-1jpp.3.el5_10
java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el5_10
java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5
java-1.7.0-ibm-demo-1:1.7.0.7.0-1jpp.1.el5_10
java-1.7.0-ibm-demo-1:1.7.0.7.0-1jpp.1.el6_5
java-1.7.0-ibm-devel-1:1.7.0.7.0-1jpp.1.el5_10
java-1.7.0-ibm-devel-1:1.7.0.7.0-1jpp.1.el6_5
java-1.7.0-ibm-jdbc-1:1.7.0.7.0-1jpp.1.el5_10
java-1.7.0-ibm-jdbc-1:1.7.0.7.0-1jpp.1.el6_5
java-1.7.0-ibm-plugin-1:1.7.0.7.0-1jpp.1.el5_10
java-1.7.0-ibm-plugin-1:1.7.0.7.0-1jpp.1.el6_5
java-1.7.0-ibm-src-1:1.7.0.7.0-1jpp.1.el5_10
java-1.7.0-ibm-src-1:1.7.0.7.0-1jpp.1.el6_5
java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5_10
java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5
java-1.6.0-ibm-accessibility-1:1.6.0.16.0-1jpp.1.el5_10
java-1.6.0-ibm-demo-1:1.6.0.16.0-1jpp.1.el5_10
java-1.6.0-ibm-demo-1:1.6.0.16.0-1jpp.1.el6_5
java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5_10
java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6_5
java-1.6.0-ibm-javacomm-1:1.6.0.16.0-1jpp.1.el5_10
java-1.6.0-ibm-javacomm-1:1.6.0.16.0-1jpp.1.el6_5
java-1.6.0-ibm-jdbc-1:1.6.0.16.0-1jpp.1.el5_10
java-1.6.0-ibm-jdbc-1:1.6.0.16.0-1jpp.1.el6_5
java-1.6.0-ibm-plugin-1:1.6.0.16.0-1jpp.1.el5_10
java-1.6.0-ibm-plugin-1:1.6.0.16.0-1jpp.1.el6_5
java-1.6.0-ibm-src-1:1.6.0.16.0-1jpp.1.el5_10
java-1.6.0-ibm-src-1:1.6.0.16.0-1jpp.1.el6_5
java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-accessibility-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-debuginfo-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-demo-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-devel-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-headless-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-javadoc-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-src-1:1.7.0.55-2.4.7.2.el7_0
java-1.6.0-openjdk-1:1.6.0.0-6.1.13.3.el7_0
java-1.6.0-openjdk-debuginfo-1:1.6.0.0-6.1.13.3.el7_0
java-1.6.0-openjdk-demo-1:1.6.0.0-6.1.13.3.el7_0
java-1.6.0-openjdk-devel-1:1.6.0.0-6.1.13.3.el7_0
java-1.6.0-openjdk-javadoc-1:1.6.0.0-6.1.13.3.el7_0
java-1.6.0-openjdk-src-1:1.6.0.0-6.1.13.3.el7_0
java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0
java-1.7.1-ibm-demo-1:1.7.1.1.0-1jpp.2.el7_0
java-1.7.1-ibm-devel-1:1.7.1.1.0-1jpp.2.el7_0
java-1.7.1-ibm-jdbc-1:1.7.1.1.0-1jpp.2.el7_0
java-1.7.1-ibm-plugin-1:1.7.1.1.0-1jpp.2.el7_0
java-1.7.1-ibm-src-1:1.7.1.1.0-1jpp.2.el7_0
java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5
java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6
java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5
java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6

refmap via4

bid	66894
confirm	http://www-01.ibm.com/support/docview.wss?uid=swg21672080 http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
debian	DSA-2912
gentoo	GLSA-201406-32 GLSA-201502-12
hp	HPSBUX03091 HPSBUX03092 SSRT101667 SSRT101668
secunia	58415
ubuntu	USN-2187-1 USN-2191-1

Last major update

08-09-2020 - 13:00

Published

16-04-2014 - 02:55

Last modified

08-09-2020 - 13:00